|
From: | Alberto Faria |
Subject: | Re: [PATCH v2 06/10] block: Make 'bytes' param of bdrv_co_{pread, pwrite, preadv, pwritev}() an int64_t |
Date: | Tue, 17 May 2022 15:48:59 +0100 |
On Tue, May 17, 2022 at 3:33 PM Eric Blake <eblake@redhat.com> wrote: > ...now end up calling QEMU_IOVEC_INIT_BUF() which tries to do > .local_iov.iov_len = bytes, which can silently overflow on 32-bit > platforms where iov_len is size_t. We need to add a code guard that > callers do not pass in too large of a buffer. I see. blk_co_pread() and blk_co_pwrite() use assert(bytes <= SIZE_MAX). Would that be an appropriate safeguard here? Or should we return an error? Alberto
[Prev in Thread] | Current Thread | [Next in Thread] |